Sr. Associate, Technology Infrastructure Business Control & Risk Management

Banco SantanderQuincy, MA
Onsite
Match Resume

About The Position

The Sr. Associate, Technology Infrastructure Functional Control Officer operates within the First Line of Defense and is accountable for supporting the Technology Infrastructure organization in executing against the Enterprise Risk Management Framework while ensuring effective risk identification, assessment, mitigation, monitoring, and control execution across critical infrastructure services. The incumbent serves as a trusted risk advisor and control partner to Infrastructure Engineering, Operations, and Service Management teams. This role is responsible for strengthening the risk and control environment across infrastructure domains including: Job Scheduling & Workload Automation IT Incident Management IT Problem Management IT Asset Management Capacity & Performance Management Disaster Recovery & Operational Resilience Change & Release Management Patch & Vulnerability Management Enterprise Backup & Recovery Configuration Management (CMDB) Physical & Environmental Security Network Engineering & Operations Data Center Operations Infrastructure Monitoring & Event Management Technology Service Continuity The Sr. Associate will lead risk assessments, control evaluations, issue remediation oversight, key risk indicator development, and operational resilience initiatives while ensuring adherence to regulatory requirements, industry frameworks, and enterprise standards. The role serves as a subject matter expert in technology operational risk, infrastructure controls, and resiliency practices and works closely with Technology, Cybersecurity, Enterprise Risk Management, Internal Audit, Regulatory Affairs, and Second Line Risk functions.

Requirements

  • Bachelor’s Degree: in related field or equivalent demonstrated through a combination of work experience, training, military service, or education - Required
  • 9+ Years Risk Management, Internal Controls, Auditing, Credit Management, relevant line of business experience and/or legal or regulatory experience. - Required.
  • 8-10+ years of experience in Technology Risk Management, IT Audit, Infrastructure Operations, Cybersecurity Governance, Operational Risk Management, or Infrastructure Engineering.
  • Strong understanding with the following: ITIL processes, Infrastructure Operations, Network Engineering, Enterprise Backup & Recovery, Configuration Management, Capacity & Performance Management, Asset Management, Incident & Problem Management, Patch & Vulnerability Management.
  • Applicants must be legally authorized to work in the United States on a full-time basis without requiring employer sponsorship to commence employment.

Nice To Haves

  • Master’s Degree: in related field or equivalent demonstrated through a combination of work experience, training, military service, or education - Preferred
  • CRISC (Certified in Risk and Information Systems Control)
  • CISA (Certified Information Systems Auditor)
  • CGEIT (Certified in the Governance of Enterprise IT)
  • CISSP (Certified Information Systems Security Professional)
  • ITIL 4 Managing Professional or ITIL 4 Strategic Leader
  • Certified Information Security Manager (CISM)
  • Certified Business Continuity Professional (CBCP)
  • Certified Disaster Recovery Engineer (CDRE)
  • Certified in Cybersecurity (CC)
  • AWS Security Specialty
  • Microsoft Azure Security Engineer Associate
  • COBIT Foundation or COBIT Design & Implementation
  • PMP (Project Management Professional)

Responsibilities

  • Promote risk awareness and accountability throughout Infrastructure Operations and Engineering teams.
  • Ensure awareness and adherence to Enterprise Risk Management, Operational Risk, Technology Risk, Cybersecurity, and Resiliency frameworks.
  • Partner with Second Line Risk and Technology Risk Management teams to ensure alignment with enterprise standards.
  • Support governance forums, risk committees, and infrastructure risk reporting routines.
  • Lead and facilitate Risk and Control Self-Assessments (RCSA) for infrastructure functions.
  • Perform process mapping and maintain Risk & Control Matrices (RCMs) for infrastructure processes.
  • Assess inherent and residual risks across infrastructure services.
  • Evaluate emerging risks related to cloud adoption, automation, resiliency, cyber threats, and third-party service dependencies.
  • Assess design and operating effectiveness of controls supporting: Change & Release Management, Incident & Problem Management, Job Scheduling, Patch Management, Enterprise Backup & Recovery, Disaster Recovery, Capacity Management, Configuration Management, Asset Management, Physical Security, Network Operations.
  • Validate control performance through testing, evidence review, walkthroughs, and monitoring activities.
  • Identify control gaps and facilitate remediation plans.
  • Develop and monitor Key Risk Indicators (KRIs), Key Performance Indicators (KPIs), and Key Control Indicators (KCIs).
  • Analyze operational trends related to: Infrastructure availability, Incident volumes, Problem recurrence, Backup success rates, Patch compliance, Capacity utilization, Change success rates, Disaster recovery testing, Network performance.
  • Identify emerging risks and escalate material concerns.
  • Support issue identification, root cause analysis, corrective action planning, and remediation validation.
  • Ensure timely closure of audit, regulatory, and self-identified findings.
  • Challenge action plans to ensure sustainable risk reduction.
  • Support enterprise operational resilience programs.
  • Evaluate disaster recovery capabilities and testing results.
  • Assess recovery objectives (RTO/RPO), resilience strategies, and critical service dependencies.
  • Monitor compliance with business continuity and technology recovery standards.
  • Serve as Infrastructure Risk liaison for: Validate management responses and corrective actions. Coordinate evidence gathering and remediation activities.
  • Managed and execute risk activities associated with the following Technology Risk Programs: Risk & Control Self-Assessments (RCSA), Technology Risk Assessments, Issues Management, Operational Resilience Scenario Analysis, Material Risk Program Event Management, Loss Event Reporting, Control Testing, Third-Party Technology Risk, Technology Change Risk Reviews.
  • Experience conducting RCSAs, control testing, issue management, and remediation validation.

Benefits

  • Base Pay Range: Minimum: $86,250.00 USD Maximum: $155,000.00 USD
  • fair and competitive rewards package
  • benefits are designed to support you, your family and your well-being, now and into the future.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Senior

Job Search Resources

Similar Sr. Associate, Technology Infrastructure Business Control & Risk Management job opportunities

Sr. Associate, Technology Infrastructure Business Control & Risk Management
Santander
Santander • Quincy, MA8d • $86,250 - $155,000 • Onsite
Sr. Director – Technology Risk Management
Early Warning®
Early Warning® • New York, NY8d • $226,000 - $282,000 • Hybrid
Sr. Director – Technology Risk Management
Early Warning Services
Early Warning Services • New York City, NY3d • Hybrid
SR Business Control Specialist - Technology Risk & Regulatory Officer
Bank of America
Bank of America • Charlotte, NC10d • Onsite
Sr Associate, Technology Vendor Management
American Express
American Express • Phoenix, AZ8d • $89,250 - $150,250 • Hybrid
🔥 New JobTechnology Risk and Control Lead
JPMorganChase
JPMorganChase • Columbus, OH1d

Tools

Templates & Examples

Resources

Comparisons

Company

Over 4 Million Users
Free AI tools and resources to help you land your next job, faster
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service